If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Do u know Norman Sandbox?
It's a container to let an unknown virus run wild without wreaking the system.
It's actually a virtual computer.
I'd like to do a virtual computer also, quite fascinate by how it works but actually donno really
how it works
I think the first step is to intercept all system API calls.
I'm using VB. Any suggestions pls?
I'd be more than happy if anyone could tell me.

ASM,C,C++,BASIC,VB,JAVA,VBS,HTML,ASP,SQL
Programming is fun, but only if you\'re not on a tight deadline

Hey Jian2587,
If you are interested in virtual computers (i.e. Virtual machines) check out VMWare.http://www.vmware.com/landing/ws4_search.html
There is a 30 day trial download, so you can play wih different OSes. For example, you can have Windows and some flavour of Linux running at the same time on the same machine, but on different virtual machines. Good luck!

\"When you say best friends, it means friends forever\" Brand New
\"Best friends means I pulled the trigger
Best friends means you get what you deserve\" Taking Back Sunday
Visit alastairgrant.ca

Ah, not really virtual computers.
I meant sandbox.
A sandbox basically gives a program a fake environment of the OS it's running.
Not really fake, but all the API calls made by sandbox are intercepted by the sandbox in which
it could modify its return results and give it back to the program.

So let's say you let a virus run wild in a sandbox, it tries to destroy your system files, but the
API call to delete file is intercepted by the sandbox. The sandbox did not delete the files, but
it returns results that convinced the virus that the system files are already deleted. Basically,
we make the virus believe it's destroying something whereby in fact it didn't.

So what we need to do is to intercept system calls from certain programs.

Anyone have suggestions?

sorry, API calls made by a program, and not a sandbox.
I made a mistake.

ASM,C,C++,BASIC,VB,JAVA,VBS,HTML,ASP,SQL
Programming is fun, but only if you\'re not on a tight deadline

vmware

I Know that i'm very off topic but i installed vmware in xp & i put Debian ,could anyone of you
helpme how ,with host-only configured,share files between XP and DEbian with netcat
Sorry about my offtopic

I prefer to utilize various types of access controls to mimic sandboxes, sandboxes have the issue that a single userland can contain many sandboxes and data can move between them, plus they fail to protect the data within the sandbox so their usefulness is limited because it means the user needs to have their programs run in an environment that contains no valuable data, which kinda makes most applications useless.

On my system, client applications like my web browser and email client run as a restricted user so that I may speficially set what it can and cannot do, for this purpose the harrison, Ruzzo, and Ullman (HRU) access model is ideal. For services, a simple solution is domain based access controls (DBAC) as these effectively place your services in read only, non-hierarchical compartments isolated from the rest of the system. Both of these systems work even better when placed within hierarchical mandatory access controls. The end result is a system that effectively is sandboxed, however still useful as data can be safely used within the sandboxed environments. Additionally this method provides more finely grained controls, because most sandboxes merely prevent anything from stepping outside as if you are going to create a rule set and a collection of trusted agents to handle intercompartmental communications, you might as well take that extra step and simply use the access controls I've discussed, because to do so without these types of protections would be a monumental task to ensure a wide range of compatability.